Lucene search
HistoryMay 06, 2014 - 2:55 p.m.
CVE-2013-7354
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.4
Confidence
High
EPSS
0.006
Percentile
79.4%
Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.
Affected configurations
Node
libpnglibpngRange≤1.5.13
ORlibpnglibpngMatch1.5.0beta
ORlibpnglibpngMatch1.5.1
ORlibpnglibpngMatch1.5.1beta
ORlibpnglibpngMatch1.5.2
ORlibpnglibpngMatch1.5.2beta
ORlibpnglibpngMatch1.5.3beta
ORlibpnglibpngMatch1.5.4
ORlibpnglibpngMatch1.5.4beta
ORlibpnglibpngMatch1.5.5
ORlibpnglibpngMatch1.5.5beta
ORlibpnglibpngMatch1.5.6
ORlibpnglibpngMatch1.5.6beta
ORlibpnglibpngMatch1.5.7
ORlibpnglibpngMatch1.5.7beta
ORlibpnglibpngMatch1.5.8
ORlibpnglibpngMatch1.5.8beta
ORlibpnglibpngMatch1.5.9
ORlibpnglibpngMatch1.5.9beta
ORlibpnglibpngMatch1.5.10beta
ORlibpnglibpngMatch1.5.11
ORlibpnglibpngMatch1.5.11beta
ORlibpnglibpngMatch1.5.12
ORlibpnglibpngMatch1.5.13beta
| Vendor | Product | Version | CPE |
|---|---|---|---|
| libpng | libpng | * | cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* |
| libpng | libpng | 1.5.0 | cpe:2.3:a:libpng:libpng:1.5.0:beta:*:*:*:*:*:* |
| libpng | libpng | 1.5.1 | cpe:2.3:a:libpng:libpng:1.5.1:*:*:*:*:*:*:* |
| libpng | libpng | 1.5.1 | cpe:2.3:a:libpng:libpng:1.5.1:beta:*:*:*:*:*:* |
| libpng | libpng | 1.5.2 | cpe:2.3:a:libpng:libpng:1.5.2:*:*:*:*:*:*:* |
| libpng | libpng | 1.5.2 | cpe:2.3:a:libpng:libpng:1.5.2:beta:*:*:*:*:*:* |
| libpng | libpng | 1.5.3 | cpe:2.3:a:libpng:libpng:1.5.3:beta:*:*:*:*:*:* |
| libpng | libpng | 1.5.4 | cpe:2.3:a:libpng:libpng:1.5.4:*:*:*:*:*:*:* |
| libpng | libpng | 1.5.4 | cpe:2.3:a:libpng:libpng:1.5.4:beta:*:*:*:*:*:* |
| libpng | libpng | 1.5.5 | cpe:2.3:a:libpng:libpng:1.5.5:*:*:*:*:*:*:* |
Related
prion
prion
Integer overflow
2014-05-06 14:55:00
ubuntucve
ubuntucve
CVE-2013-7354
2014-05-06 00:00:00
cve
cve
CVE-2013-7354
2014-05-06 14:55:05
debiancve
debiancve
CVE-2013-7354
2014-05-06 14:55:05
cvelist
cvelist
CVE-2013-7354
2014-05-06 14:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: mingw-libpng-1.5.18-1.fc19
2014-06-10 03:13:40
securityvulns
securityvulns
[ MDVSA-2014:084 ] libpng
2014-05-15 00:00:00
libpng security vulnerabilities
2015-04-20 00:00:00
nessus
nessus
openSUSE Security Update : libpng12 (openSUSE-SU-2014:0618-1)
2014-06-13 00:00:00
Mandriva Linux Security Advisory : libpng (MDVSA-2014:084)
2014-05-13 00:00:00
Fedora 19 : mingw-libpng-1.5.18-1.fc19 (2014-6892)
2014-06-10 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libpng (EulerOS-SA-2019-2383)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libpng (EulerOS-SA-2020-1496)
2020-04-16 00:00:00
Huawei EulerOS: Security Advisory for libpng (EulerOS-SA-2019-2247)
2020-01-23 00:00:00
mageia
mageia
Updated libpng packages fix two security vulnerabilities
2014-05-10 23:36:04
Updated libpng packages fix two security vulnerabilities
2014-05-10 23:34:01
gentoo
gentoo
libpng: Multiple vulnerabilities
2014-08-14 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1884
2021-07-02 17:16:15
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.4
Confidence
High
EPSS
0.006
Percentile
79.4%
Related for NVD:CVE-2013-7354